flashplayer__3650_i107792669_il73.exe
Installer
Amônétízé Ltd
Part of the Amonetize download manager, an installer that bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application flashplayer__3650_i107792669_il73.exe has been detected as adware by 18 anti-malware scanners. The installer uses the InstallMonetizer platform which will donwload and install adware toolbars and other potentially unwanted software offers during setup. The file has been seen being downloaded from www.normaldownload.com and multiple other hosts. While running, it connects to the Internet address www.ibbalance.com on port 443.
File name:
flashplayer__3650_i107792669_il73.exe
MD5:
138ccc3c82897111ade5d490d48a9b25
SHA-1:
859a451daa2d8d8d71fef4cd0935dd3bbc64e896
Scanner detections:
18 / 68
Explanation:
Uses the InstallMonetizer distribution platform to bundle adware.
Analysis date:
12/24/2024 2:00:26 AM UTC (today)
Scan engine
Detection
Engine version
Agnitum Outpost
PUA.Amonetize
7.1.1
AhnLab V3 Security
PUP/Win32.Amonetiz
14.07.11
Avira AntiVirus
ADWARE/Adware.Gen2
7.11.137.202
avast!
Win32:Amonetize-R [PUP]
2014.9-140711
Comodo Security
ApplicUnwnt
17951
Dr.Web
Adware.Downware.1575
9.0.1.0192
ESET NOD32
Win32/Amonetize (variant)
8.9559
Fortinet FortiGate
Riskware/Amonetize
7/11/2014
G Data
Win32.Application.Amonetize
14.7.24
IKARUS anti.virus
not-a-virus:Downloader.Win32.Agent
t3scan.2.2.29
K7 AntiVirus
Unwanted-Program
13.176.11482
Kaspersky
not-a-virus:HEUR:AdWare.Win32.Amonetize
14.0.0.3576
Malwarebytes
PUP.Optional.InstallMonetizer
v2014.07.11.08
McAfee
Artemis!138CCC3C8289
5600.7072
Reason Heuristics
PUP.Installer.Amonetize.b
14.7.28.0
Trend Micro House Call
TROJ_GEN.F47V0119
7.2.192
VIPRE Antivirus
Amonetize
27514
File size:
149.6 KB (153,216 bytes)
Copyright:
(c) Amônétízé Ltd, 2012,2013. All rights reserved.
Original file name:
Installer.exe
File type:
Executable application (Win64 EXE)
Language:
English (United States)
Common path:
C:\users\{user}\downloads\flashplayer__3650_i107792669_il73.exe
The file flashplayer__3650_i107792669_il73.exe has been seen being distributed by the following 2 URLs.
The executing file has been seen to make the following network communications in live environments.